Affected Products

All versions of SGOS are affected.
The current Trust Package contains the expired CA certificate.

Overview

The DigiCert_High_Assurance_EV_Root_Inter_CA CA certificate on ProxySG expired on Sept. 30th 2015. Websites such as Facebook, Twitter, Instagram, etc. that need this certificate chain will not load properly.

Engineering have provided an update to the Trust Package to remove this expired certificate.

See resolution.

For versions of 6.3 and above you can update the trust package by connecting to the CLI console via ssh and issuing the following commands:

2015-10-01 08:52:30-00:00UTC "CFSSL: Deleted ca-cert 'DigiCert_High_Assurance_EV_Root_Inter_CA' from the browser-trusted CCL since it has been removed from the factory image" 0 140002:7D tp_installer.cpp:950
2015-10-01 08:52:30-00:00UTC "CFSSL: Deleted ca-cert 'DigiCert_High_Assurance_EV_Root_Inter_CA' since it has been removed from the factory image" 0 140002:7D tp_installer.cpp:1011